Author |
Topic |
afrika
Master Smack Fu Yak Hacker
2706 Posts |
Posted - 2006-01-19 : 15:58:07
|
Hello everyone, our website uses ASP VBScript and an SP to authenticate user logins. However, going through the log of logged-in users, we noticed a certain username "wrecko" that was successfully logged in. How is this possible, when the username does not exist in our db? Afrika |
|
blindman
Master Smack Fu Yak Hacker
2365 Posts |
Posted - 2006-01-19 : 16:22:40
|
Are you using mixed security? Could it have been a network login? Try announcing "There is a package waiting for Wrecko at the front desk. Wrecko, report to the front desk please." over your public address system. |
|
|
afrika
Master Smack Fu Yak Hacker
2706 Posts |
Posted - 2006-01-19 : 16:50:58
|
It could not have been a network login. The SP that authenticates it is called from an ASP page; it does a search, and if successful it logs the details and returns a status to the ASP page. |
|
|
uberman
Posting Yak Master
159 Posts |
Posted - 2006-01-20 : 05:45:12
|
Have a look at http://weblogs.sqlteam.com/jhermiz/archive/2006/01/09/8746.aspx. Although you are using an SP you might want to review how it works (for example, does it use dynamic SQL generation?). You could also try logging all the parameters passed into your SP to a table for review for a while to see if you can spot when "wrecko" logs in and with what details... |
|
|
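The review and parameter logging suggested in the post above, sketched in T-SQL as an added example that is not code from this thread. The table names, procedure name, column types and the choice to pass a password hash are assumptions; the password parameter is left out of the log so that credentials are not stored in the audit table.

```sql
-- Hypothetical schema: dbo.Users(UserName, PasswordHash) and dbo.LoginAudit
-- are assumed names, not taken from the thread.
CREATE TABLE dbo.LoginAudit (
    AuditId      INT IDENTITY(1,1) PRIMARY KEY,
    AttemptedAt  DATETIME      NOT NULL DEFAULT (GETDATE()),
    UserNameRaw  NVARCHAR(256) NULL,      -- exactly what the ASP page passed in
    UserNameLen  INT           NULL,
    HasSqlMeta   BIT           NOT NULL,  -- quote, semicolon or comment marker present
    Succeeded    BIT           NOT NULL
);
GO

-- Pattern to look for when reviewing the existing SP: parameters concatenated
-- into a string and executed. A stored procedure built this way is still injectable.
--   SET @sql = 'SELECT ... WHERE UserName = ''' + @UserName + '''';
--   EXEC (@sql);

-- Static form: the parameters are only ever compared as data.
CREATE PROCEDURE dbo.usp_AuthenticateUser
    @UserName     NVARCHAR(256),
    @PasswordHash VARBINARY(64)   -- assumption: the application hashes before calling
AS
BEGIN
    SET NOCOUNT ON;
    DECLARE @ok BIT;
    SET @ok = 0;

    IF EXISTS (SELECT 1 FROM dbo.Users
               WHERE UserName = @UserName AND PasswordHash = @PasswordHash)
        SET @ok = 1;

    -- Record every attempt, successful or not, for later review.
    INSERT INTO dbo.LoginAudit (UserNameRaw, UserNameLen, HasSqlMeta, Succeeded)
    VALUES (@UserName, LEN(@UserName),
            CASE WHEN @UserName LIKE '%['';]%' OR @UserName LIKE '%--%'
                 THEN 1 ELSE 0 END,
            @ok);

    SELECT @ok AS LoginStatus;   -- status returned to the ASP page
END
GO
```

Rows in dbo.LoginAudit with Succeeded = 1 whose UserNameRaw has no match in dbo.Users, or any row with HasSqlMeta = 1, are the ones to review first.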
afrika
Master Smack Fu Yak Hacker
2706 Posts |
Posted - 2006-01-20 : 15:21:48
|
Thanks for your advice, the solution was actually quite simple. It was far from an SQL injection attack; with the solution we implemented, it's quite impossible :-) It was actually the newest user, whose name did not reflect in our list of new users, due to a cache problem with our ISP, caching the old web page. Thanks for the article, it's very useful. Afrika. Phewwwww .... I almost lost my hair there |